メインコンテンツまでスキップ

Creating an Entrust SSL certificate for Cisco SCA

User-added image
For Cisco SCA

This process is in three parts:
1) Creating your Private Key
2) Creating your Certificate Signing Request (CSR)
3)
Installing your Certificate

Part 1 of 3: Creating your Private Key Please issue the following commands to create your private key:

# config
# ssl
# key new_key create
# genrsa bits 1024 encrypt des output entrust_key
You can specify up to 2048 as the bit length for the key. You must enter a password this key. Do not forget this password. Part 2 of 3: Creating your Certificate Signing Request (CSR) Please issue the following command to create your CSR:

# gencsr key entrust_key
This command uses entrust_key as the identifier for the key that was just generated. The CSR must correspond to a key that you have created. You will need to specify the following fields in your CSR: Common name: Enter the domain that is to be secured on the certificate. This is usually a fully qualified domain name (e.g. mydomain.com). Organization: Enter the legal business name of the organization. Organizational Unit : Enter the your department name (e.g. IT). City/Locality: The city in which your company is currently located. State/Province: The state in which your company is currently located. Country/Region: Select your country/Region. Part 3 of 3: Installing your Certificate First, you must install your webserver certificate . Copy your certificate from the browser and paste it into a text editor. Save it as a .crt file. You can install your certificate by using the following command

# enable
# configure
# cert Entrust_cert create
# pem-paste
Copy your certificate from the browser and paste it into the Cisco prompt. Your certificate has been stored as Entrust_Cert. You must now install the Entrust Root Certificate . Please verify which root certificate you need. You can obtain the root here: https://www.entrust.com/get-support/ssl-certificate-support/root-certificate-downloads/​ Simply copy and paste the root certificate into a text editor and save it as a entrustroot.crt

# ssl
# cert EntrustRoot create
# pem entrustroot.crt
Next, you will need to install the Entrust Intermediate Certificate (Cross Certificate) Copy the Cross Certificate from the browser and save it as entrustInt.crt. Use the following command to store this certificate:
# ssl
# cert EntrustInt create
# pem entrustInt.crt
# certgroup CACertGroup create
# cert EntrustInt
# cert EntrustRoot
# end 
You must now create a logical server:
# server server1 create
# ip address 10.1.2.4
# localport 443
# remoteport 81
# secpolicy myPol
# certgroup chain CACertGroup
# cert new_cert
# key new_key
# finished
# write flash
The certificate is now installed.

If you have any questions or concerns please contact the Entrust Certificate Services Support department for further assistance:

Hours of Operation:
Sunday 8:00 PM ET to Friday 8:00 PM ET
North America (toll free): 1-866-267-9297
Outside North America: 1-613-270-2680 (or see the list below)
NOTE: Smart Phone users may use the 1-800 numbers shown in the table below.
Otherwise, it is very important that international callers dial the UITF format exactly as indicated. Do not dial an extra "1" before the "800" or your call will not be accepted as an UITF toll free call.

Number
オーストラリア 0011 - 800-3687-7863
1-800-767-513
オーストリア 00 - 800-3687-7863
ベルギー 00 - 800-3687-7863
デンマーク 00 - 800-3687-7863
フィンランド 990 - 800-3687-7863 (Telecom Finland)
00 - 800-3687-7863 (Finnet)
フランス 00 - 800-3687-7863
ドイツ 00 - 800-3687-7863
香港 001 - 800-3687-7863 (Voice)
002 - 800-3687-7863 (Fax)
アイルランド 00 - 800-3687-7863
イスラエル 014 - 800-3687-7863
イタリア 00 - 800-3687-7863
日本 001 - 800-3687-7863 (KDD)
004 - 800-3687-7863 (ITJ)
0061 - 800-3687-7863 (IDC)
Korea 001 - 800-3687-7863 (Korea Telecom)
002 - 800-3687-7863 (Dacom)
マレーシア 00 - 800-3687-7863
オランダ 00 - 800-3687-7863
ニュージーランド 00 - 800-3687-7863
0800-4413101
ノルウェー 00 - 800-3687-7863
シンガポール 001 - 800-3687-7863
スペイン 00 - 800-3687-7863
スウェーデン 00 - 800-3687-7863 (Telia)
00 - 800-3687-7863 (Tele2)
スイス 00 - 800-3687-7863
台湾 00 - 800-3687-7863
英国 00 - 800-3687-7863
0800 121 6078
+44 (0) 118 953 3088